Application Security Terminology

Glossary

Authentication

In its simplest form, authentication is the act of verifying a person's claim about his or her identity. Users can identify themselves in multiple ways, such as typing a username and password, swiping a smart card, waving a token device, or using voice recognition. Authentication rests on identification: without a proper form of identification, a system cannot authenticate a specific subject.

The proper identification of a person, application, device, or group is vital for safeguarding and maintaining the confidentiality, integrity, and availability of the company's IT infrastructure. Based on business policies, access controls can be created for authenticated users and information. Audit capabilities further help organizations hold users accountable for their actions by identifying who did what, when, and where, and by determining whether the organization complies with internal and external requirements.

To learn more about different forms of authentication, read our article, Multi Factor Authentication: Using “something you KNOW” and “something you HAVE” to protect your applications.